[apparmor] [00/38] Replace file rule handling with FileRule and FileRuleset classes

[Christian Boltz]

Hello,

this patch series introduces the FileRule and FileRuleset classes and
changes several code sections to use these classes instead of the old
'path' hasher.

Basically this is "just" a rewrite of the file rule handling, but it 
also adds some new features like support for rules with leading 
permissions. Nevertheless the total diffstat (excluding tests) results in 
350 lines _less_ code than before :-)

I tried to split the series into not-too-big patches with useful
descriptions to make the review easier. This also means that some things
temporarily don't work if only some of the patches are applied (this is
usually mentioned in the patch description), and get fixed by a later
patch.

For testing (both make check and manual testing), I recommend to apply
all patches, not only the first X patches.

BTW: Test coverage jumps from 48% to 56% :-)


If you don't want to manually pull all patches out of the following
mails, you can also download them as tarball:
    www.cboltz.de/tmp/apparmor-filerule.tgz

This file should have the sha256sum
    620edf19df8362633bc6a7020872441b1d4f00eb436def4d59931e410906c7db



diffstat over all patches in this series:

 utils/aa-mergeprof                     |  455 ++----------
 utils/apparmor/aa.py                   | 1135 ++++++++-----------------------
 utils/apparmor/aamode.py               |  110 ---
 utils/apparmor/aare.py                 |   58 +
 utils/apparmor/cleanprofile.py         |   36 -
 utils/apparmor/regex.py                |   27 
 utils/apparmor/rule/__init__.py        |   72 +-
 utils/apparmor/rule/capability.py      |    2 
 utils/apparmor/rule/change_profile.py  |    2 
 utils/apparmor/rule/dbus.py            |   16 
 utils/apparmor/rule/file.py            |  597 +++++++++++++++-
 utils/apparmor/rule/network.py         |    2 
 utils/apparmor/rule/ptrace.py          |    4 
 utils/apparmor/rule/rlimit.py          |    2 
 utils/apparmor/rule/signal.py          |    4 
 utils/apparmor/severity.py             |   24 
 utils/test/cleanprof_test.out          |    8 
 utils/test/fake_ldd                    |    2 
 utils/test/test-aa.py                  |  149 +++-
 utils/test/test-aare.py                |  114 +++
 utils/test/test-baserule.py            |   17 
 utils/test/test-file.py                | 1174 +++++++++++++++++++++++++++++++--
 utils/test/test-parser-simple-tests.py |   24 
 utils/test/test-regex_matches.py       |   44 -
 utils/test/test-severity.py            |    9 
 25 files changed, 2552 insertions(+), 1535 deletions(-)


Regards,

Christian Boltz
-- 
> Kann ich auf einen Bootloader (lilo oder grub) verzichten,
> falls auf der Festplatte nur 2 Partitionen sind
Klar kannst du. Vorausgesetzt du kannst auch darauf verzichten
das Betriebssystem zu booten.
[> Wolfgang Erlenkötter und Hartmut Meyer in suse-linux]

signature.asc
Description: This is a digitally signed message part.

-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor